This fix requires you to modify your .htaccess file. Please could you try to add the following to your .htaccess file which is in the root of your WordPress installation:

<ifmodule mod_headers.c="">
SetEnvIf Origin "^(.*\.domain\.com)$" ORIGIN_SUB_DOMAIN=$1
Header set Access-Control-Allow-Origin "%{ORIGIN_SUB_DOMAIN}e" env=ORIGIN_SUB_DOMAIN
Header set Access-Control-Allow-Methods: "*"
Header set Access-Control-Allow-Headers: "Origin, X-Requested-With, Content-Type, Accept, Authorization"
</ifmodule>

Please replace “domain\.com” with your actual domain, and place a \ (backslash) before every dot; for example if your domain was www.mobile-smart.co.uk, you would do this:

“(.*\.mobile-smart\.co\.uk)$”

Let me know how this goes. If you want me to help you do this, please drop me a line at http://www.mobile-smart.co.uk/support with your website address and some temporary FTP details (revoke them when I’m done so that I don’t have permanent access).